<?php
	require_once 'data.php';
	session_start();
	if (isset($_SESSION['client']))
		header("Location: home.php");
	else {
		$user = $_POST['login'];
		$user = mysql_real_escape_string($user);
		
		$pass = $_POST['password'];
		$pass = mysql_real_escape_string($pass);
		
		$con = mysql_connect($mysql_host, $mysql_user, $mysql_password);
		if (!$con)
		{
			die('Could not connect: ' . mysql_error());
		} else {
			mysql_select_db($mysql_database, $con);
			$sql = "select * from clientes where login ='" . $user . "' and pass = '" . SHA1($pass) ."'";
			mysql_query($sql);
			$afectados = mysql_affected_rows();
			mysql_close($con);
			if ($afectados == 1){
				$_SESSION['client'] = $user;
				header("Location: home.php");	
			} else {
				session_destroy();
				header("Location: index.php");
			}	
		}
	} 
?>